Chief DevSecOps Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Network Designs, Inc. ยท 5 hours ago

Chief DevSecOps Engineer

positionMcLean, VA
timeFull-time
remoteHybrid
senioritySenior Level, Lead/Staff
money$135K/yr - $155K/yr
date10+ years exp

Network Designs, Inc. (NDi) is a leading Federal contractor specializing in IT and network solutions for government customers. The Chief DevSecOps Engineer will serve as the senior technical authority for secure software delivery, responsible for architecting and implementing the DevSecOps ecosystem for the Veterans Health Administration Enrollment System.

Information ServicesInformation Technology
check
Diversity & InclusionbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Design, implement, and oversee the VESEE DevSecOps toolchain supporting CI/CD, automated testing, code scanning, container security, and deployment
Architect secure, cloud-native pipelines for Java 17+, Spring Boot, Spring WebFlux, Kafka, Redis, Oracle, and React/Next.js applications deployed to AWS VAEC using Kubernetes and Docker
Define and enforce security, reliability, and operations standards across all development and modernization tasks
Lead implementation of Zero Trust, container hardening, and secure-by-design controls aligned to NIST 800-53 Rev5, FISMA, and VA Directive 6500
Serve as the authoritative owner of CI/CD security, code quality, secrets management, and compliance validation
Integrate automated tools for SAST, DAST, SCA, IaC scanning, dependency checking, and container scanning
Ensure all DevSecOps pipelines meet requirements of: FedRAMP High, FIPS 140-3, HIPAA, VA Identity, Credential, and Access Management (ICAM) policies, 508 accessibility checks where applicable
Support development teams in achieving Authority to Operate (ATO) sustainment in partnership with VA OIS
Implement end-to-end automation for build, test, deploy, and monitor stages across all environments (development, integration, staging, production)
Integrate observability tools (e.g., Splunk, Dynatrace, CloudWatch) to support proactive monitoring, alerting, and performance optimization
Drive 'shift-left' quality by enforcing test automation standards (unit, integration, regression, 508 testing)
Ensure VESEE systems meet performance thresholds, including throughput, latency, and reliability requirements cited in the RFP and VESEE tech stack documents
Serve as senior technical advisor to the Program Manager, Principal Senior Software Engineer, Release/Delivery Manager, and VA architecture teams
Lead DevSecOps discussions during Sprint Planning, PI Planning, and Release Readiness
Mentor developers, DevSecOps engineers, and infrastructure staff in secure engineering best practices
Coordinate with the Business, Data, QA, and HCD teams to ensure secure, automated workflows across the entire delivery lifecycle

Qualification

DevSecOpsCloud EngineeringCI/CDCybersecurityAWSKubernetesDockerTerraformAnsibleGitHub ActionsPythonBashJava 17+Spring BootSpring WebFluxSplunkDynatraceNIST SP 800-53FISMAFedRAMPCISSPCompTIA Security+ITIL v4

Required

U.S Citizenship required
Must be able to obtain and maintain a Public Trust clearance
Bachelor's degree in Computer Science, Engineering, Cybersecurity, or related discipline (Master's preferred)
Minimum 10+ years of hands-on DevSecOps, Cloud Engineering, or Secure Software Delivery experience
Experience supporting federal programs with elevated security requirements (DHS, VA, DoD, HHS, etc.)
Background in large-scale modernization, cloud migration, and modernization of legacy systems
Expert understanding of CI/CD and cloud-native engineering
Strong knowledge of federal cybersecurity requirements
Ability to lead cross-functional technical teams
Ability to translate security requirements into automated pipeline controls
Strong communication and stakeholder engagement skills
Demonstrated commitment to continuous improvement and reliability engineering
LanguagesFrameworks: Java 17+, Spring Boot, Spring WebFlux, Streams API, Scripted automation (Python, Bash)
CloudInfrastructure: AWS (GovCloud or VAEC strongly preferred), Kubernetes (EKS), Docker, Terraform, Ansible, Helm, GitHub Actions
DevSecOps Toolchain: GitHub Enterprise, Jenkins, SonarQube, Nexus/Artifactory, SAST/DAST/SCA tools, IaC security tools (Checkov, tfsec)
ObservabilityMonitoring: Dynatrace, Splunk, CloudWatch
SecurityCompliance: NIST SP 800-53, RMF, FISMA, FedRAMP, Zero Trust, OAuth2/OpenID Connect, TLS 1.3, Container security and compliance scanning

Preferred

CompTIA Security+, CISSP, or CISM
SAFe DevOps Practitioner (SDP) or SAFe Architect
AWS Certified DevOps Engineer
CKA/CKAD (Kubernetes Certifications)
ITIL v4

Benefits

Comprehensive health, dental, vision, pet, and legal insurance
401(k) retirement matching
Paid leave
Paid holidays
Health and wellness programs
Employer-paid life and disability insurance
Professional development
Education benefits

Company

Network Designs, Inc.

twittertwittertwitter
company-logo
NDi is a Verified Service-Disabled Veteran Owned Small Business [SDVOSB] professional services firm, supporting Federal and Commercial customers since 1995.
dateFounded in 1995
location
Mclean, Virginia, USA
people-size51-200 employees
web-link
https://www.netdes.com/

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Anthony Zeruto, CISM
CEO and Owner
linkedin
Company data provided by crunchbase